-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/7186/
-----------------------------------------------------------
(Updated Sept. 20, 2012, 9:10 p.m.)
Review request for shindig, Paul Lindner, Henry Saputra, johnfargo, Matt
Franklin, and Simon Hewett.
Description (updated)
-------
NOTE:
Original oauthpopup changes have been reverted in shindig trunk and attached as
a single patched to the JIRA associated with this review.
Using the changes in this review assumes you have first applied the patch in
the JIRA.
---------------
So I found this in our deployments for 1.0a where we have locked domains turned
on. From what I can tell, we would set the callback url to the base one
defined in shindig.properties and then encode a security token with the locked
domain callback url. When we got the callback on the unlocked domain, we would
redirect to the locked domain in the encoded token.
This appears to have been done because of some window.opener completion code
for makerequest which used to be set by the gadget (the gadget used to open the
window). Now the container opens the window and we don't need all this
redirection magic. So I've removed all the classes that had anything to do
with that (there were a few, but mostly well contained).
After digging through this code, I now fear for my sanity. Please, please,
PLEASE! code review this carefully. I am not an oauth expert.
This addresses bug SHINDIG-1864.
https://issues.apache.org/jira/browse/SHINDIG-1864
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackState.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackStateToken.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcherConfig.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultOAuthUriManager.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/OAuthUriManager.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/UriModule.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthFetcherConfigTest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java
1387677
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultOAuthUriManagerTest.java
1387677
Diff: https://reviews.apache.org/r/7186/diff/
Testing
-------
Updated tests.
Removed obsolete tests.
Thanks,
Dan Dumont
